Appln. No. 10/788,523 

Amendment dated April 9, 2008 

Reply to Office Action dated November 9, 2007 

REMARKS/ARGUMENTS 

Applicant would like to thank the Examiner for the careful consideration given the 
present application. The application has been carefully reviewed in light of the Office Action, 
and amended as necessary to more clearly and particularly describe the subject matter that 
Applicant regards as the invention. 

Claims 1, 7, 8 and 11 were rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for reciting "a terminal device having no secure information concealing area." The 
Office action asserts that the specification does not define what the no secure information 
concealing area is and, therefore, the claimed invention is rendered unclear and indefinite. 35 
U.S.C. 1 12, second paragraph, requires claim terms to have meanings that are discernable to one 
of ordinary skill in the art. A claim term is indefinite only if it remains insolubly ambiguous 
after all reasonable attempts at construction. See MPEP § 2173.02. The test for indefmiteness 
applied in the Office action, i.e., whether the claim term is defined in the specification, is 
improper. The MPEP states that a claim term that is not defined in the specification is not 
indefinite if the meaning of the claim term is discernable. Id. 35 U.S.C. 1 12, second paragraph, 
merely requires that claim terms be discernable and not insolubly ambiguous, and definition in 
the specification is not a requirement. In this case, the terms "no secure information concealing 
area" are discernable and are not insolubly ambiguous and, therefore, are not indefinite. When 
read in the context of the entire specification, one of ordinary skill in the art would readily 
understand the term "information" to be synonymous with data, and "concealing area" to mean a 
memory location for concealing the data. For example, at page 3, lines 7-11, the application 
discusses secret information within a secure device and refers to the secret information as "secret 
data" which can be held in a tamper resistant area that is securely constructed by hardware. The 
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application further states that a mobile terminal device 30 does not have an area in which the 
secret information can be stored securely (see page 3, lines 23-25). Applicant submits that the 
terms "no secure information concealing area" have a meaning that is readily discernable to one 
of ordinary skill in the art and are not insolubly ambiguous. Therefore, the rejections of claim 1, 
7, 8 and 1 1 under 35 U.S.C. 1 12, second paragraph, are improper and should be withdrawn. 

Claims 1-11 were rejected under 35 U.S.C. 103(a) as being unpatentable over DeTreville 
in view of Barlow. Claim 1 recites, "a terminal device having no secure information concealing 
area." The Office action cites DeTreville's "open system" for teaching a terminal device having 
no secure information concealing area. As discussed above, the terms "no secure information 
concealing area" refer to the lack of a memory location for concealing secure data. The terms 
"open system" are clearly defined in DeTreville as a computer that is accessible to multiple 
individuals and/or other computers (some of which cannot be trusted with users' private 
information). See column 1, lines 40-43. DeTreville does not specify whether the open system 
computer has or lacks a memory location for concealing secure data. Applicant submits that the 
cited combination of references fails to teach, or otherwise render foreseeable, a terminal device 
having no secure information concealing area , as required by claim 1, and that claim 1 is 
allowable over the cited combination of references. The argument provided with respect to 
claim 1 is also applicable to claims 2-11. 

Claim 8 recites, " an application execution runtime environment ; an Operating System 
(OS) verifying and invoking the application execution runtime environment; and an 
application. . . executed by the application execution runtime environment . . . the fitted secure 
device authenticates the application execution runtime environment ." The cited combination of 
references does not teach an application execution runtime environment that executes an 
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application and which is verified and invoked by a separate operating system. DeTreville 
teaches an operating system, but does not teach a separate application execution runtime 
environment. Because the cited combination fails to teach an application execution runtime 
environment, it necessarily fails to teach a secure device that authenticates the application 
execution runtime environment. For at least these reasons, claim 8 is allowable over DeTreville 
in view of Barlow. 

Claim 11 recites, "wherein said terminal device includes applications, an application 
execution runtime environment for running and authenticating the applications requesting access 
to the secure device, and an Operating System (OS) verifying and invoking the application 
execution runtime environment... wherein the application execution runtime environment 
calculates digest data of said application and verifies an electronic signature attached to the 
application by using the digest data, and authenticates the application ." The cited combination of 
references does not teach an application execution runtime environment for running and 
authenticating an application, in addition to an operating system that verifies and invokes the 
application execution runtime environment. Moreover, the cited combination of references does 
not teach the calculation of digest data of the application, and the verification of the application's 
electronic signature using the digest data, by an application execution runtime environment. 
DeTreville does teach a computer application that authenticates itself to a portable IC device 
(23:15-17). However, the cited combination of references is silent with respect to an application 
execution runtime environment calculating digest data of an application that it runs and verifying 
an electronic signature of the application using the calculated digest data. For at least these 
reasons, claim 1 1 is allowable over the cited combination of references. 
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Claim 2 recites, "an Operating System (OS) verifying and invoking said application 
running means, wherein said application running means is an application execution runtime 
environment." The cited combination of references does not teach an application running means 
that is an application execution runtime environment in addition to an operating system that 
verifies and invokes the application execution runtime environment. Claim 2 further recites, 
"wherein the application running means ...presents... the application electronic signature to the 
secure device." The application running means of claim 2 is an application execution runtime 
environment. Therefore, claim 2 requires an application execution runtime environment that 
presents an application electronic signature to a secure device. DeTreville teaches a computer 
application that authenticates itself to a portable IC device by signing a received random number 
using a private key for the application (23:15-34). However the cited combination of references 
does not teach an application execution runtime environment that presents an application 
electronic signature to a secure device, as required by claim 2. For at least these reasons, claim 2 
is allowable over the cited combination of references. 

Claim 9 depends from claim 8 and is allowable for at least the reasons discussed above 
with respect to claim 8. Claim 8 recites, "wherein the application execution runtime 
environment calculates digest data of the application," and claim 9 recites, "wherein the 
application execution runtime environment verifies an electronic signature attached to the 
application by using the digest data, and authenticates the application." As discussed above with 
respect to claim 11, the cited combination of references does not teach the calculation of digest 
data of the application, and the verification of the application's electronic signature using the 
digest data, by an application execution runtime environment. DeTreville teaches a computer 
application that authenticates itself to a portable IC device (23:15-17). However, the cited 
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combination of references is silent with respect to an application execution runtime environment 
calculating digest data of an application that it runs and verifying an electronic signature of the 
application using the calculated digest data. 

Claim 3 recites, "an Operating System (OS) verifying and invoking said application 
running means, wherein said application running means is an application execution runtime 
environment." The cited combination of references does not teach an application running means 
that is an application execution runtime environment in addition to an operating system that 
verifies and invokes the application execution runtime environment. Claim 3 further recites, "a 
database stored in the secure device, wherein the database includes predetermined digest data for 
authenticating a plurality of applications." The cited combination of references does not teach a 
secure device having a database including predetermined digest data for authenticating a 
plurality of applications. For at least these reasons, claim 3 is allowable over the cited 
combination of references. 

Claim 10 depends from claim 8 and is allowable for at least the reasons discussed above 
with respect to claim 8. 

Claim 4 depends from claim 3 and is allowable for at least the reasons discussed above 
with respect to claim 3. Claim 4 recites, "wherein the application running means encrypts the 
first information by using the digest data and sends out encrypted information to the secure 
device, and then wherein the secure device decrypts the encrypted information by using the 
digest data..." Claim 4 requires the encrypting and decrypting of information by using digest 
data. Applicant's attorney has thoroughly reviewed the cited combination of references and can 
find no teaching of the encrypting and subsequent decrypting of information using digest data , as 
required by claim 4. 
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Claim 5 recites, "an Operating System (OS) verifying and invoking said application 
running means, wherein said application running means is an application execution runtime 
environment." The cited combination of references does not teach an application running means 
that is an application execution runtime environment in addition to an operating system that 
verifies and invokes the application execution runtime environment. For at least this reason, 
claim 5 is allowable over the cited combination of references. 

Claim 6 depends for claim 2 and is allowable for at least the reasons discussed above 
with respect to claim 2. 

Claim 12 and 13 were rejected under 35 U.S.C. 103(a) as being unpatentable over 
DeTreville in view of Lee. Claims 12 and 13 both require an application execution runtime 
environment that verifies and executes an application, in addition to an operating system that 
verifies and invokes the application execution runtime environment. The cited combination of 
references does not teach an application execution runtime environment that executes an 
application and which is verified and invoked by a separate operating system. For at least these 
reasons, claims 12 and 13 are allowable over DeTreville in view of Lee. 

In light of the foregoing, it is respectfully submitted that the present application is in 
condition for allowance and notice to that effect is hereby requested. If it is determined that the 
application is not in condition for allowance, the Examiner is invited to initiate a telephone 
interview with the undersigned attorney to expedite prosecution of the present application. 
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If there are any additional fees resulting from this communication, please charge same to 
our Deposit Account No. 16-0820, our Order No. NGB-36483. 



1801 East 9 th Street 
Suite 1200 

Cleveland, Ohio 44114-3108 
(216) 579-1700 

Date: April 9, 2008 



Respectfully submitted, 
PEARNE & GORDON, LLP 



By: 




Brad C. Spencer, Reg. No. 57076 
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